Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9149E50/2DD7638C924111EFA56CCE21C4F9AE02/99AA0D12924111EFB764DA22C4F9AE02.roa
File: 99AA0D12924111EFB764DA22C4F9AE02.roa (raw, json)
Hash identifier: /mhXFSUm8wgJtNfejG+rJ98B0FGC7kHmpO9IfNRXQCI=
Subject key identifier: 09:C0:52:22:9F:39:3C:66:41:EC:D9:F3:09:2D:21:06:D6:B7:5C:8A
Certificate issuer: /CN=A9149E50/serialNumber=ECB4840056046A8A932284EA5F1E046A02331CE9
Certificate serial: 50
Authority key identifier: EC:B4:84:00:56:04:6A:8A:93:22:84:EA:5F:1E:04:6A:02:33:1C:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7LSEAFYEaoqTIoTqXx4EagIzHOk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9149E50/2DD7638C924111EFA56CCE21C4F9AE02/99AA0D12924111EFB764DA22C4F9AE02.roa
Signing time: Mon 03 Mar 2025 09:20:14 +0000
ROA not before: Mon 03 Mar 2025 09:20:14 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 152479
IP address blocks: 2401:cfa0::/32 maxlen: 32
2401:cfa0::/40 maxlen: 40
2401:cfa0:100::/40 maxlen: 40
2401:cfa0:101::/48 maxlen: 48
2401:cfa0:200::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9149E50/2DD7638C924111EFA56CCE21C4F9AE02/7LSEAFYEaoqTIoTqXx4EagIzHOk.crl
rsync://rpki.apnic.net/member_repository/A9149E50/2DD7638C924111EFA56CCE21C4F9AE02/7LSEAFYEaoqTIoTqXx4EagIzHOk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7LSEAFYEaoqTIoTqXx4EagIzHOk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 06:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80 (0x50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9149E50
Validity
Not Before: Mar 3 09:20:14 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67c5744e-0ff0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:16:11:8d:31:51:b8:c4:2f:00:a2:e4:a7:22:
69:bf:bd:cd:5b:3c:88:ac:d0:95:15:39:86:c7:58:
52:d5:c8:e5:14:e4:0f:71:e8:37:aa:28:35:65:9d:
46:ba:b8:3a:01:90:d9:6f:19:04:a1:08:ad:1c:29:
04:f8:ee:87:98:75:ed:87:e9:a5:c6:ac:3c:2e:74:
df:24:38:e7:72:08:da:eb:ed:4f:b3:cf:1a:0d:0b:
e8:bb:22:80:b0:dd:eb:e5:39:71:8f:3f:07:ce:f0:
9a:e4:a1:d2:12:dc:eb:d4:1d:24:c5:5f:e5:1c:bd:
99:d8:5a:b0:71:85:38:de:a8:9b:1c:f1:aa:7b:09:
ae:a7:ad:32:67:25:8f:61:4b:dc:8f:19:17:cd:6e:
ae:a9:a9:eb:c5:bc:54:d0:42:21:ab:6e:34:54:53:
fe:0f:53:fb:e9:6a:7a:47:f9:4f:89:cb:86:95:95:
78:bb:12:8b:d8:f2:c1:3a:6c:ea:6e:2d:f8:87:34:
24:6b:a7:9a:8b:ab:4c:b5:cd:2c:d8:2c:48:72:c2:
07:81:c3:a1:02:73:ca:ad:fa:d2:c7:e3:6b:61:f5:
8b:05:7e:bb:f4:3a:e7:52:0a:2a:93:46:93:32:76:
e3:98:e6:54:cd:d0:6d:4a:15:92:33:68:50:9b:08:
4d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:C0:52:22:9F:39:3C:66:41:EC:D9:F3:09:2D:21:06:D6:B7:5C:8A
X509v3 Authority Key Identifier:
keyid:EC:B4:84:00:56:04:6A:8A:93:22:84:EA:5F:1E:04:6A:02:33:1C:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9149E50/2DD7638C924111EFA56CCE21C4F9AE02/7LSEAFYEaoqTIoTqXx4EagIzHOk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7LSEAFYEaoqTIoTqXx4EagIzHOk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149E50/2DD7638C924111EFA56CCE21C4F9AE02/99AA0D12924111EFB764DA22C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:cfa0::/32
Signature Algorithm: sha256WithRSAEncryption
72:e7:90:9c:47:67:2b:86:df:b0:df:f7:21:d6:4f:ff:da:f5:
f2:84:19:9a:67:f8:8f:b3:79:aa:7f:c3:b5:2e:23:1d:f9:38:
31:40:a5:12:31:25:0a:9d:95:eb:b3:fd:d4:b3:af:05:9b:b9:
53:29:70:75:b8:39:ce:e6:3d:f6:33:53:dd:bb:92:d8:77:d0:
29:82:5d:ea:20:4c:fb:8a:ac:78:cb:ef:fb:61:2b:66:5a:bc:
84:a5:24:17:d7:1e:d9:bb:40:e6:cf:c8:ff:67:81:2b:36:e1:
2d:dc:6b:a4:fe:b1:a1:38:22:3a:06:83:f2:92:46:84:12:c2:
57:d4:80:0c:10:ca:11:2a:b7:c5:88:94:f6:29:5a:c1:aa:2b:
45:b0:83:e8:4a:af:df:3c:4e:57:af:2c:18:9a:56:d1:44:d2:
f2:5f:d2:4b:8a:d9:0a:09:f0:fd:74:1a:d4:c0:2f:7c:ff:c5:
7f:2d:85:42:0d:76:bc:9f:5d:a1:84:3d:b7:da:6d:b4:43:f4:
db:c3:62:b2:39:6d:14:ec:36:d1:eb:b4:5f:0e:dc:14:99:72:
bc:55:3a:2f:5a:fd:19:06:70:63:fb:6e:0b:96:7f:70:f1:d9:
53:f4:99:d2:49:c6:52:f9:80:50:bf:bc:89:6b:ba:c2:e2:9b:
79:e3:bd:2a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBUDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
OUU1MDExMC8GA1UEBRMoRUNCNDg0MDA1NjA0NkE4QTkzMjI4NEVBNUYxRTA0NkEw
MjMzMUNFOTAeFw0yNTAzMDMwOTIwMTRaFw0yNjA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YzU3NDRlLTBmZjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCmFhGNMVG4xC8AouSnImm/vc1bPIis0JUVOYbHWFLVyOUU5A9x6DeqKDVlnUa6
uDoBkNlvGQShCK0cKQT47oeYde2H6aXGrDwudN8kOOdyCNrr7U+zzxoNC+i7IoCw
3evlOXGPPwfO8JrkodIS3OvUHSTFX+UcvZnYWrBxhTjeqJsc8ap7Ca6nrTJnJY9h
S9yPGRfNbq6pqevFvFTQQiGrbjRUU/4PU/vpanpH+U+Jy4aVlXi7EovY8sE6bOpu
LfiHNCRrp5qLq0y1zSzYLEhywgeBw6ECc8qt+tLH42th9YsFfrv0OudSCiqTRpMy
duOY5lTN0G1KFZIzaFCbCE3dAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUCcBSIp85
PGZB7NnzCS0hBta3XIowHwYDVR0jBBgwFoAU7LSEAFYEaoqTIoTqXx4EagIzHOkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ5RTUwLzJERDc2MzhDOTI0
MTExRUZBNTZDQ0UyMUM0RjlBRTAyLzdMU0VBRllFYW9xVElvVHFYeDRFYWdJekhP
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvN0xTRUFGWUVhb3FUSW9UcVh4NEVhZ0l6SE9rLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
OUU1MC8yREQ3NjM4QzkyNDExMUVGQTU2Q0NFMjFDNEY5QUUwMi85OUFBMEQxMjky
NDExMUVGQjc2NERBMjJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQBz6AwDQYJKoZIhvcNAQELBQADggEBAHLnkJxHZyuG37Df
9yHWT//a9fKEGZpn+I+zeap/w7UuIx35ODFApRIxJQqdleuz/dSzrwWbuVMpcHW4
Oc7mPfYzU927kth30CmCXeogTPuKrHjL7/thK2ZavISlJBfXHtm7QObPyP9ngSs2
4S3ca6T+saE4IjoGg/KSRoQSwlfUgAwQyhEqt8WIlPYpWsGqK0Wwg+hKr988Tlev
LBiaVtFE0vJf0kuK2QoJ8P10GtTAL3z/xX8thUINdryfXaGEPbfabbRD9NvDYrI5
bRTsNtHrtF8O3BSZcrxVOi9a/RkGcGP7bguWf3Dx2VP0mdJJxlL5gFC/vIlrusLi
m3njvSo=
-----END CERTIFICATE-----
Generated at Fri Apr 11 20:47:19 2025 by rpki-client